Wildfire SSL Issue

Hi there,

I have setup Wildfire 2.6.2 on a linux box with SSL support. The strange thing is when I connect from IM+ jabber client from ShapeService via SSL, it gives this error.

006.06.28 10:35:55 SSL Connect d9c11d[SSL_NULL_WITH_NULL_NULL: Socket[addr=/202.79.92.193,port=40740,localport=5223]]

2006.06.28 10:35:57 Error creating session

javax.net.ssl.SSLException: Received fatal alert: illegal_parameter

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1542)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImp l.java:1025)

at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:67 5)

at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)

at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411)

at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)

at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)

at java.io.InputStreamReader.read(InputStreamReader.java:167)

at org.xmlpull.mxp1.MXParser.fillBuf(MXParser.java:2971)

at org.xmlpull.mxp1.MXParser.more(MXParser.java:3025)

at org.xmlpull.mxp1.MXParser.parseProlog(MXParser.java:1410)

at org.jivesoftware.wildfire.net.MXParser.nextImpl(MXParser.java:331)

at org.xmlpull.mxp1.MXParser.next(MXParser.java:1093)

at org.jivesoftware.wildfire.net.SocketReader.createSession(SocketReader.java:573)

at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:110)

at java.lang.Thread.run(Thread.java:595)

Other clients such as JAJC, Pandion, GAim, Sparks work fine. In the end, I have to run a stunnel service locally on port 5224 and forward to the non-ssl port (5222) to get it working. Anyone know why?

TIA!

It looks like the client sent a bad SSL alert. Can you install ssldump and use that to watch what is going on? Ive not been able to get ssldump to read the private certificate Wildfire uses, so it wont decrypt the session, but it should give some indication of what is going on.

ssldump is like tcpdump, and can be found here if your distribution dosnt already include it: http://www.rtfm.com/ssldump/